-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Mon, Apr 28, 2008 at 05:14:18PM +0000, Andrew Pantyukhin wrote: > sat 2008-04-28 17:14:17 UTC > > FreeBSD ports repository > > Modified files: > security/vuxml vuln.xml > Log: > - A new Firefox vulnerability currently affects 10 of our ports, on > average. A new VuXML entry usually forgets about 8 of them. >
Hi Andrew, That's wrong, seamonkey and thunderbird is't affected, http://www.mozilla.org/projects/security/known-vulnerabilities.html#Thunderbird http://www.mozilla.org/projects/security/known-vulnerabilities.html#SeaMonkey and Thunderbird 2.0.14 and Seamonkey 1.1.10 is't released. Please revert back this. > Wiki: http://wiki.freebsd.org/VuXML > > Revision Changes Path > 1.1613 +29 -7 ports/security/vuxml/vuln.xml > http://cvsweb.FreeBSD.org/ports/security/vuxml/vuln.xml.diff?r1=1.1612&r2=1.1613 > | --- ports/security/vuxml/vuln.xml 2008/04/28 07:34:38 1.1612 > | +++ ports/security/vuxml/vuln.xml 2008/04/28 17:14:17 1.1613 > | @@ -28,7 +28,7 @@ WHETHER IN CONTRACT, STRICT LIABILITY, O > | OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION, > | EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. > | > | - $FreeBSD: /usr/local/www/cvsroot/FreeBSD/ports/security/vuxml/vuln.xml,v > 1.1612 2008/04/28 07:34:38 miwi Exp $ > | + $FreeBSD: /usr/local/www/cvsroot/FreeBSD/ports/security/vuxml/vuln.xml,v > 1.1613 2008/04/28 17:14:17 sat Exp $ > | > | Note: Please add new entries to the beginning of this file. > | > | @@ -212,7 +212,7 @@ Note: Please add new entries to the beg > | </vuln> > | > | <vuln vid="67bd39ba-12b5-11dd-bab7-0016179b2dd5"> > | - <topic>firefox -- javascript harbage collector vulnerability</topic> > | + <topic>firefox -- javascript garbage collector vulnerability</topic> > | <affects> > | <package> > | <name>firefox</name> > | @@ -222,17 +222,38 @@ Note: Please add new entries to the beg > | <name>linux-firefox</name> > | <range><lt>2.0.0.14</lt></range> > | </package> > | + <package> > | + <name>seamonkey</name> > | + <name>linux-seamonkey</name> > | + <range><lt>1.1.10</lt></range> > | + </package> > | + <package> > | + <name>flock</name> > | + <name>linux-flock</name> > | + <range><lt>1.1.2</lt></range> > | + </package> > | + <package> > | + <name>linux-firefox-devel</name> > | + <name>linux-seamonkey-devel</name> > | + <range><gt>0</gt></range> > | + </package> > | + <package> > | + <name>thunderbird</name> > | + <name>linux-thunderbird</name> > | + <range><lt>2.0.0.14</lt></range> > | + </package> > | </affects> > | <description> > | <body xmlns="http://www.w3.org/1999/xhtml";> > | <p>Mozilla Foundation reports:</p> > | <blockquote > cite="http://www.mozilla.org/security/announce/2008/mfsa2008-20.html";> > | <p>Fixes for security problems in the JavaScript engine described in > | - MFSA 2008-15 introduced a stability problem, where some users > experienced > | - crashes during JavaScript garbage collection. This is being fixed > primarily > | - to address stability concerns. We have no demonstration that this > particular > | - crash is exploitable but are issuing this advisory because some > crashes of this > | - type have been shown to be exploitable in the past.</p> > | + MFSA 2008-15 introduced a stability problem, where some users > | + experienced crashes during JavaScript garbage collection. This is > | + being fixed primarily to address stability concerns. We have no > | + demonstration that this particular crash is exploitable but are > | + issuing this advisory because some crashes of this type have been > | + shown to be exploitable in the past.</p> > | </blockquote> > | </body> > | </description> > | @@ -246,6 +267,7 @@ Note: Please add new entries to the beg > | <dates> > | <discovery>2008-04-16</discovery> > | <entry>2008-04-25</entry> > | + <modified>2008-04-28</modified> > | </dates> > | </vuln> > | > - -- +-----------------------+-------------------------------+ | PGP : 0x05682353 | Jabber : miwi(at)BSDCrew.de | | ICQ : 169139903 | Mail : miwi(at)FreeBSD.org | +-----------------------+-------------------------------+ | Mess with the Best, Die like the Rest! | +-----------------------+-------------------------------+ -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4 (FreeBSD) iD8DBQFIFgnCFwpycAVoI1MRAgS4AJ9FLmjdFnkdhvrRfO6d7uwccLDDagCfaXBm Nt3nthxBIUdEFgMmoCg/j4U= =JkyL -----END PGP SIGNATURE----- _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/cvs-all To unsubscribe, send any mail to "[EMAIL PROTECTED]"
